CLAIMS 

1 1 . MethVl for protecting the processing of sensitive information in a security 

2 module with a monolimic structure, the module comprising information processing 

3 means (31) and means fdr storing (32,33) information capable of being processed by said 

4 processing means, charactVized in that it comprises the following steps: 

5 - selecting a piece of^ensitive information in the storage means; 

6 - determining a specifi^ condition for the integrity of said information; 

7 - reading the information and transmitting it to the processing means; 

8 - verifying during the proc^essing of the information that the specific condition is 

9 satisfied; 

10 - disabling the processing of^he information if the specific condition is not 

P- 1 1 satisfied. 

fj 1 2. Method according to claim 1, wherein the information is an operation code 

i 2 read in the storage means (32, 33), all of flie^eration codes being contained in a table 

?! 3 having a content determined during the fmandli^cture of the security module, and the 

"y 4 specific integrity condition is the fact that th^ value of the information is equal to one of 

□ 5 several set values. 

1 3. Method according to claim 2, wherein the operation code to be processed 

2 is coded in the form of data bits and said bits do n6t all have the same binary value. 

1 4. Method according to claim 1, whereinuhe specific integrity condition 

2 consists of checking a calculated piece of integrity dataoising the information read iri the 

3 storage means (32, 33), the integrity data being calculated during the reading of the 

4 information and being transmitted to the processing meank the processing means 

5 calculating another piece of integrity data from the information received and checking for 

6 equality between the two integrity data. 
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1 5. Method according to claim 4, wherein the integrity data are calculated 

2 from at least one pieW of calculation data whose value varies as a function of time. 

1 6. Method according to claim 4, wherein the integrity data are calculated 

2 from at least one piece of calculation data whose value varies randomly. 

1 7. Method according to claim 1, wherein the disabling of the processing of 

2 the information is performed by a microprogrammed instruction. 

1 8. Method according to claim 7, wherein the microprogranmied instruction 

2 performs the following steps: ^j.^ 

3 - writing a piece of disable data\nto a nonvolatile location of the storage means 

4 (32, 33); \ 

5 - disabling the processing of the iri^rmation. 

1 9. Method according to claim 8 Wh^ein, at the power-up of the module, a 

2 nonvolatile location of the storage means (32,y3!) is read by the processing means (31), 

3 and the module is disabled if a value read at thik location does not match. 

2 structure and comprising information processing rri^ans (31) and information storage 

3 means (32, 33), the processing means selecting information extracted from the storage 

4 means in order to process it, characterized in that the processing means comprise means 

5 for verifying a specific integrity condition of a piece ortsensitive information, and means 

6 for disabling the processing of the information, said disabling means being activated 

7 when the verification means have detected that the specifl^condition is not satisfied. 

1 11. Security module according to claim 10, wher^n the processing means (31) 

2 execute instructions corresponding to operation codes extractek^from a table, 

3 characterized in that the table comprises a forbidden instruction value. 

\ 
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12. SecuriW module according to claim 11, wherein the operation code to be 
processed is coded in tnfe form of data bits, the security module comprising a means for 
reading the values of all thp bits and a disabling means activated when the values of the 
bits are all identical. 



13. Security module Recording to claim 10, wherein the processing means (31) 
execute instructions corresponding^to operation codes extracted from a table, the security 
module comprising a means for reading an operation code and a disabling means 
activated during the reading of a forbidden operation code. 

14. Security module according to claim 13, wherein the disabling means 
comprise a means for irreversibly writing an indicator into the storage means (32, 33), 
and a means for reading said indicator during the next power-up of the module. 

15. Security module according to cl\im 10, comprising parity generators (7, 8) 
cooperating with the storage means, parity genemfoS^l 1) cooperating with the 
processing means, and a comparator connectedfto\e^(4l of the parity generators and 
capable of inducing an interrupt in the processing ririean^. 

16. Security module according to claim l\ wherein the operation of the parity 

\ 

generators (7, 8) varies as a function of time. 

17. Security module according to claim 15, wf|erein the operation of the parity 
generators (7, 8) varies randomly. 

18 Security module according to claim 14, characterized in that the 
irreversible writing of the indicator into the storage means (32,^3) is performed by 
executing a microprogrammed instruction. 




19. Security module according to claim 10, characterized^in that the security 
module is a microcircuit card. 
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